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DETAILED ACTION 

1. Claims 52-56 have been submitted. Claims 53 and 54 have been amended. The attorney's 
amendment has necessitated change in the grounds of rejection. This action is final. 



2. With respect to Claim 56, Abadi on pages 204-205, section 2.3 does not disclose a 'language 
tutorial' as the attorney might suggest. Abadi discloses the heart of the applicant's invention 
which are the assertion of freshness constraints, Abadi discloses that the freshness of a message 
is proven by including a nonce such as a timestamp within the message being sent to verify its 
freshness. This occurs over a network such as the one shown in Abadi, Figure 1 on page 201. A 
server S, and two stations A and B are shown as part of a network. The timestamp Ts allows A 
to believe that S sent the message recently. 

The server S represents the revocation authority because it generates a message 
containing a timestamp, Ts to prove to the recipient A that the message has been sent recently 
(see pg. 201, column 2) or are fresh meaning that they have not been sent before the start of the 
current authentication (see page 202, column 1). 

3. With respect to Claim 56, the first and second limitation is met by Figure 1. The message sent 
by the server on channel 2 includes a timestamp based on its freshness pohcy. The revocation 
authority is the server S. The verification authority step is inherently disclosed on pg. 201 at 
station A and B. If A can decrypt a message sent by S with a key Kas known only to A and S, 
then A believes the message must have come from S and hence authenticates/verifys S. A also 



Response to Arguments 
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believes from the recent timestamp Ts that S sent the message recently. The same reasoning 
applys to station B. Hence the verification steps substitutes for a verification authority because 
stations A and B perform the verification process that would have been done by a verification 
authority. 

4. With respect to Claim 52-54, the attorney argues that column 2, page 201 does not teach 
"deriving freshness constraints from initial policy assumptions and an authentic statement." 
Figure 1 on page 20 1 of Abadi clearly shows freshness constraints of a timestamp contained with 
an authentic statement shown within the message sent from the server to station A. The initial 
policy assumptions are that if the message contains a recent timestamp Ts, A believes that S sent 
the message recently. Contrary to what the attorney might think, time has everything to do with 
freshness, (see Abadi, page 202, column 1). It says timestamps are used to prove that messages 
are fresh. This is a direct admission that time is directly related to the freshness of a message, 
contrary the attorney's statement. 

5. The attorney further argues that |tnow-ttimestamp|<= 5| is not the same thing as |Clock - T| <= Atl 
+ At2 with respect to the right hand side of these inequalities. 

(See Denning, page 534, column 2) Atl is an interval between the server's clock and the local 
clock At2 is an interval representing the expected network delay time. From Claim 52 limitation, 
5 represents a represents a minimum freshness restraint pertaining to the particular assertion. 
The freshness restraint refers to a time limitation and can be taken to mean Atl + At2 because 
they both represent an interval of time that represents some form of restriction on time. 
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6. With respect to Claim 53, Abadi on page 202, T paragraph, 5 sentence says that 
timestamps are used to prove that messages are fresh and the server's message that contains 
encryption keys do contain a timestamp as well (see Abadi, Fig. 1). The timestamped message 
contains a key that once received by A is used to decrypt the message. Hence, if A is able to 
decrypt this message, it has verified that the message comes from S. This is the validity 
assertion that the attorney fails to recognize. 

7. The second limitation of Claim 53 of "means for asserting freshness constraints indicating a 
length of time and the initial assertions that the freshness constraints relate to" is met by Abadi 
on page 204, column 1, lines 1-21. If a rule exists that implements a process for asserting 
freshness constraints, this makes the existence of means to execute this process as obvious. 
Furthermore, the cited disclosure shows timestamp/freshness verification occurs from the fact 
that the freshness of X is being proven by including a nonce i.e. a timestamp in the message X. 
Hence this reads on the applicant's limitation. 

8. With respect to Claim 54, the limitation of the preamble of "protecting an authority of a 
distinguished principal and enforcing revocation when the authority is compromised is inherent 
on page 201, column 1 and 2. The authentication role plays a role of securing the systems (see 
Abadi, page 201, column 1). Authentication is accomplished through the use of encryption keys 
and timestamps. Hence, these resources allow the authentication system to protect the authority 
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of a distinguished principal (person, computer or server) in a computer system (see column 1 and 
2 of page 201). Therefore, these three means are obvious from Abadi's disclosure. 

9. With respect to Claim 55, Van Oorschot et al teaches the first four limitations on column 1, 
lines 30-67 and column 2, lines 1-9. The certification authority (CA) represents the delegating 
authority while freshness constraints are represented by the validity period. The validity period 
in a certificate implies a default expiry date of the certificate after which the certificate is invalid. 
This works the same exact way as a timestamp, whereby if the time is expired, it is no longer 
valid. The fourth limitation of Claim 55 has already been discussed above. 



The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 52-54 and 56 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Abadi et al in view of Denning et al. 



Claim Rejections - 35 USC § 103 



With respect to Claim 52, 



Abadi et al teaches: 
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"deriving freshness constraints from initial policy assumptions and an authentic statement" (see 
page 201, colunm 2, including Fig. 1). 

"imposing freshness constraints by employing recent-secure authenticating 
principals to effect revocation" (see page 201, column 2, including Fig. 1). 
Abadi et al however does not explicitly teach the expression of |tnow - 1 timestampi < 5. Denning 
however shows this. 

Denning et al teaches "verifying that a relation |tnow - 1 timestanpl < 6 is satisfied for verification of 
a secure channel, where ttimestamp being a time of a time stamp pertaining to a vaUdity assertion of 
a particular assertion, 5 being a minimum necessary freshness constraint pertaining to the 
particular assertion and tnow being the time of verification" (see page 534, column 2, lines 1-16). 

It would have been obvious to one of ordinary skill in the art at the time the invention was made 
to combine the teachings of Denning et al within the system of Abadi et al because as Denning 
et al states in the cited section, this protocol protects against replay attacks. 

Therefore, it would have been obvious to employ the teachings of Denning et al within the 
system of Abadi et al to obtain the claimed invention. 



With respect to Claim 53, 
Abadi et al teaches: 
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"means for creating a time stamped validity assertion message pertaining to the validity of an 
initial assertion" on page 202, second paragraph, 5* sentence. 

"means for asserting freshness constraints indicating a length of time and relating to said initial 
assertion" on page 204, Hnes 1-21, column 1. 

Abadi et al however does not explicitly teach the expression of |tnow - 1 timestampi < 5. Denning 
however shows this. 

Denning et al teaches "means for verifying that a relation |tnow -ttimestamp | < 5 is satisfied where 
ttimestamp is a time stamp contained in said message, 5 is a selected constant that represents a 
minimum necessary freshness constraint pertaining to said initial assertion and tnow is the time 
of verification" on page 534, column 2, lines 1-16. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made 
to combine the teachings of Denning et al within the system of Abadi et al because as Denning 
et al states in the cited section, this protocol protects against replay attacks. 

Therefore, it would have been obvious to employ the teachings of Denning et al within the 
system of Abadi et al to obtain the claimed invention. 

With respect to Claim 54, 
Abadi et al teaches: 
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"a first means for issuing an authoritative assertion by a distinguished principal; a second means 
for asserting freshness constraints on the assertion; a third means for asserting a time stamped 
validity assertion to the assertion indicating the validity of the assertion at the time of the time 
stamp" on page 201, column 2. 

Abadi et al however does not explicitly teach the expression of |tnow - 1 timestampl < 5, Denning 
however shows this. 

Denning et al teaches "means for verifying that a relation |tnow - ttimestamp | < 6 is satisfied for 
each particular assertion necessary for verification of a secure channel, where ttimestamp being the 
time of a time stamp pertaining to the validity assertion of the particular assertion, 5 being the 
minimum necessary freshness constraint pertaining to the particular assertion, and tnow being the 
time of verification" on page 534, column 2, lines 1-16. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made 
to combine the teachings of Denning et al within the system of Abadi et al because as Denning 
et al states in the cited section, this protocol protects against replay attacks. 

Therefore, it would have been obvious to employ the teachings of Denning et al within the 
system of Abadi et al to obtain the claimed invention. 
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With respect to Claim 56, the limitation "means for preparing a statement of an 
assigned revocation authority in a distributed system network in response to a policy, said 
revocation authority statement being associated with an initial statement" is met on page 204, 
columns 1 and 2; "means for preparing a statement of a freshness constraint period in the 
distributed system network in response to said poUcy, said freshness statement being 
associated with said revocation authority statement" is met on page 204, columns 1 and 2 and 
section 2.3 on page 205; "means for preparing a validity statement at said assigned revocation 
authority in the distributed system network in response to said policy, said validity statement 
including a verification status at some temporal reference" is met on page 204, columns 1 and 
2 and section 2.3 on page 205; "means for providing said revocation authority statement, said 
freshness statement, and said validity statement to a verification authority in the distributed 
system network" is met on page 204 and 205; and "means for selectively verifying said initial 
statement at said verification authority in response to said initial statement, said revocation 
authority statement, said freshness statement, and said validity statement" is met on page 204, 
columns 1 and 2, page 205, section 2.3. 

Claim 55 are rejected under 35 U.S.C. 103(a) as being unpatentable over Van Oorschot et 
al (569943 1) in view of Denning et al. 

Van Oorschot et al teaches: 

"means for issuing certificates for principals within an organization by the 
organization; means for asserting, by the organization, a principal authorized as an 
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authority for issuing time stamped certificates; means for delegating authority for 
issuing time stamped certificates; means for asserting freshness constraints on 
assertions" on column 1, lines 30-67 and column 2, lines 1-9. 

Van Oorschot et al however does not explicitly teach the expression of |tnow - 1 timestan^l 5. 
Denning however shows this. 

Denning et al teaches "means for verifying that a relation |tnow - ttimestampi < 5 is satisfied for 
each particular assertion necessary for verification of a secure channel, where ttimestamp being a 
time of a time stamp pertaining to the validity assertion of a particular assertion, 5 being a 
minimum necessary freshness constraint pertaining to the particular assertion and tnow being 
the time of verification" on page 534, column 2, hnes 1-16. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made 
to combine the teachings of Denning et al within the system of Van Oorschot et al because as 
Denning et al states in the cited section, this protocol protects against replay attacks. 

Therefore, it would have been obvious to employ the teachings of Denning et al within the 
system of Van Oorschot et al to obtain the claimed invention. 
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Conclusion 



Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, TfflS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tracey Akpati whose telephone number is 703-305-7820. The 
examiner can normally be reached on 8.30am-6.00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 703-305-4393. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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